Overview NSX ALB (previously known as Avi) offers rich capabilities for L4-L7 load balancing across different clouds and for different workloads. However if you run vSphere with Tanzu (TKGs) on top of NSX-T networking, NSX-T will deploy standard NSX load balancers to offer L4 load balancing for guest Tanzu clusters cluster-api and subsequent loadbalancer services […]
Overview In part two of my blog series covering Kubernetes/Tanzu as a service using cloud director and CSE 4.0, I will continue the deployment workflow started in part one, the workflows covered in part two will include NSX ALB integration with Cloud Director and eventually deploying a Tanzu cluster inside Tenant Pindakaas which we created […]
Overview In a previous blog post series (part one and part two) I covered how service providers can offer Tanzu as a Service (TaaS) to their tenants based on vSphere with Tanzu enabled vSphere clusters, this offers a native out-of-the-box capability of Cloud Director and vSphere to offer Tanzu clusters natively to tenants without the […]
Overview During a recent incident I accidentally deleted a Tanzu Kubernetes Cluster which had Antrea CNI integrated with NSX. To my surprise, there was no way for NSX to identify that this cluster was not present anymore and all the cluster inventory information (nodes, namespaces, pods, etc.) were still visible in NSX manager UI under […]
Overview I am just back from VMware Explore in Barcelona after presenting an interesting session about securing containers with Antrea and NSX and I am very excited and pumped to see how our Tanzu portfolio has/is evolved/evolving and this just gave me a push to revisit a topic which is bit common, yet will be […]
Overview In the second part of this blog post I will be finalising my NSX Application Platform deployment on upstream Kubernetes. In Part 1 of this blog series I deployed a vanilla Kubernetes cluster from the ground up, deployed VMware Antrea as CNI, MetalLb as load balancer provider and vSphere storage plugin (CSI provider) which […]
Overview In a previous blog post (HERE) I deployed NSX Application Platform on top of TKGs kubernetes cluster, however I had different discussions with both customers and partners and based on that I decided to write another blog post to cover NSX Application Platform (NAPP) deployment on upstream (aka native) Kubernetes cluster, since not all […]
Overview One of the cool features that was introduced with vSphere 8 is Workload Availability zones, which is basically HA zones for your Tanzu workload clusters hosted on top of vSphere with Tanzu supervisor clusters. Workload availability zones require 3 independent vSphere clusters each with independent networking and storage components, this is needed to provide […]
Overview In this blog post which is the last in series of posts discussing VMware Antrea IDS configuration and visibility, I am going to configure VMware Aria Operations for Logs (formerly known as vRealize LogInsight) to ingest and display VMware Antrea logs including IDS events captured by Antrea IDS Suricata engine. VMware Aria operations for […]
Overview In my previous blog post HERE I deployed VMware Antrea IDS and demonstrated how VMware IDS can secure pods running Antrea as CNI against malicious attacks, and although the feature is in tech preview it is very promising to see that VMware is committed to the vision of bringing Tanzu/Kubernetes security as an integral […]